More in The Future of Transportation

Drivers, for instance, may no longer be drivers, relying instead on hailing a driverless car on demand, and if they do decide to buy, they will likely share the vehicle—by renting it out to other people when it isn’t in use.

Auto makers, meanwhile, already are looking for ways to sustain their business as fewer people make a long-term commitment to a car.

And startups will spring up to develop services that this new ownership model demands—perhaps even create whole new industries around self-driving cars and ride sharing.

Here’s a look at the changes to come, and what they mean.

Drivers: No more permanent arrangements

Car ownership, for a long time, has symbolized freedom and independence. But in the future, it may be akin to owning a horse today—a rare luxury.

Ride sharing as we know it will grow in popularity as people get even more comfortable with the sharing economy, and more people migrate to dense cities where owning a car is a burden. One-quarter of miles driven in the U.S. may be through shared, self-driving vehicles by 2030, according to an estimate by Boston Consulting Group.

And the business of ride sharing may take on some new forms.

Startups such as Los Angeles-based Faraday Future envision selling subscriptions to a vehicle—for instance, allowing people to use it for a certain number of hours a day, on a regular schedule for a fixed price. So, people who need a vehicle for a few hours daily to attend meetings or make deliveries could subscribe and avoid having to summon on-demand rides every day (and potentially paying a lot more).

Other companies are experimenting with the idea of allowing drivers to access more than just one kind of vehicle through a subscription—so, a driver might choose a compact model one day but a minivan another day if she needed more passenger space.

“By 2022, 2023, the majority of transportation in urban cities with temperate weather will be on demand, shared and likely autonomous,” says Aarjav Trivedi, chief executive of Ridecell, a San Francisco company that provides the back-end software for car sharing.

Even people who do end up buying a car may come to see it as a short-term arrangement—and a source of income.

Chief Executive Elon Musk has hinted that he’s preparing to create a network of Tesla owners that could rent out their self-driving cars to make money. Already, some drivers are testing this idea using other services that let them market their cars, something like Airbnb rentals on wheels.

Take Jeff Cohen, who works for an electric-vehicle-charging company. His wife balked at his desire to buy the Model S sedan, which Tesla Inc. typically sells for about $100,000.

He persuaded her to allow him to buy a Tesla if he would in turn rent it out on a site called Turo. Doing so—at $189 a day—almost covered the cost of the entire monthly loan payment while giving him the ability to drive the electric car around Atlanta when not in service, he says. “It allowed me to get the car,” says Mr. Cohen, 58 years old. “We weren’t in agreement that we could get a car like this without some way to fund it.”

Turo, which had more than three million people sign up for the service through the end of May, says Teslas, along with BMW and Mercedes-Benz cars are among the more popular searched vehicles on the site.

Waymo has begun public trials of self-driving minivans in Phoenix for select users. Photo: Waymo

“A lot of people are realizing that the car is no longer just a cost—it’s an asset,” says Andre Haddad, Turo’s chief executive.

Of course, the biggest obstacle to many of the changes may be the most simple: People have to be willing to give up the idea of owning their car—something that has been culturally ingrained over many decades.

What’s more, under this vision, car buyers won’t just give up the idea of sole ownership. They may also give up the idea of sitting behind the wheel by using autonomous vehicles.

They will have a powerful incentive to do so. A study by Deloitte Consulting, for example, estimates that the cost of personal car ownership is on average 97 cents a mile today but could drop by two-thirds in a world of shared, self-driving vehicles—a tipping point that could usher the technology into daily life for many people. In cities, the idea will be even more appealing, because it takes away the unpleasant sides of ownership, such as parking and negotiating traffic jams.

Companies are already looking at how to market vehicles to overcome some of the possible psychological resistance to nonownership. Waymo, the self-driving tech unit of Google parent Alphabet Inc., has begun public trials of self-driving minivans in Phoenix for select users, with the eventual goal of testing them with hundreds of families.

The goal is a better understanding how to make such a service appealing enough to take the place of a family car.

“We’re really experimenting here with how far our users can go in terms of using a service like this one to replace their own personal transportation,” says John Krafcik, head of Waymo and a former automotive-industry executive.

Big auto makers: Making peace with on-demand services

For auto giants, the new ownership models—whether for traditional cars or self-driving ones—constitute a major threat.

As a result of both driverless cars and fleets of robot taxis, sales of conventionally purchased automobiles may likely drop. What’s more, because autonomous cars will likely be designed to be on the road longer with easily upgradable or replaceable parts, the results could be devastating to auto makers that have built businesses around two-car households buying new vehicles regularly. Currently, cars get replaced every 60 months on average, according to Experian.

“It may become more like the airline business where we see jets that have been in service for 50 years,” says Chris Ballinger, chief financial officer and head of mobility services at the Toyota Research Institute. “Now I don’t think a car will be in service for 50 years but I’m saying it may move in that direction…with tens of millions of miles and decades of service.”

Your Next Car May Be a Living Room on Wheels

With driverless cars moving closer to reality, car makers and designers are imagining a future where car interiors look more like a high-tech living room. Photo: Morgan Anderson/Yanfeng

In response, some car companies are trying to meet that threat head-on, by experimenting with different ownership models.

One plan to get drivers to buy a vehicle of their own is to help owners rent out their vehicles, as they would in Mr. Musk’s planned network of Tesla owners. Toyota’s Lexus brand is testing payment plans that let people subsidize the purchase of pricey cars by renting them through a service called Getaround. The hope is that young buyers, who have been eschewing traditional ownership but are still attracted to luxury nameplates, will grab the chance to afford fancy cars on Corolla budgets.

Members of BMW’s ReachNow service can get access to a fleet of the company’s vehicles. Photo: ReachNow

BMW, meanwhile, is experimenting with shared rides through its Reachnow service. Members can get access to a fleet of BMW vehicles—and Minis, in some areas—that they pick up as needed and can drop off anywhere when they’re done.

General Motors Co. , the largest U.S. auto maker by sales, seems to be hedging all bets. The company acquired an autonomous-car tech startup called Cruise Automation last year in a deal with a potential value of more than $1 billion. It also invested $500 million in ride-share company Lyft, as well as starting a car-sharing service of its own called Maven.

Meanwhile, it’s offering Cadillac customers the ability to subscribe to ownership, letting them use a vehicle for a month at a flat fee.

New businesses: Helping to power a new industry

The advent of self-driving cars will give people more free time while in the vehicle. And that will create new opportunities for car makers and others to make money.

Autonomous vehicles could ultimately free up more than 250 million hours of consumers’ commuting time a year, unlocking a new so-called passenger economy, according to Intel Corp. , which is trying to provide the computing power behind self-driving software.

The chip maker released a study in June that estimates as much as $800 billion could be generated by 2035 by this passenger economy, while as much as $7 trillion could be in play by 2050.

All of which might explain why new entrants to transportation, such as Apple Inc.,Amazon.com Inc. and Samsung Electronics Co. , are exploring the field. Apple in April, for example, became licensed to test-drive autonomous vehicles on California roadways.

This could lead to a turn away from using the exterior of the vehicle as a selling point and focusing on making the interior as comfortable and loaded with features as possible.

In some cases, that means turning cars into living rooms on wheels: Harman International Industries Inc., the auto-parts supplier acquired by Samsung for $8 billion, demonstrated in Las Vegas earlier this year a vision of a car that replaces a vehicle’s windows with video screens that create a wraparound movie theater inside the cabin.

Design firms will also cook up features designed to ease people into the practice of sharing rides regularly. IDEO, the design firm that came up with Apple’s first computer mouse, has released a vision of autonomous vehicles designed to accommodate strangers who end up riding together.

One central feature is “pods”—seats that can be adjusted to block a passenger from the view of the others—and there are areas in the vehicle that allow them to lock items while other people use the car.

Other companies are working on ways to make cars recognize passengers’ digital profiles and become more responsive to their needs. That might involve things such as reminding someone that a calendar appointment is coming up, and nudging them to leave earlier that day, or giving advice on places to eat along their route or ways to shop online while in traffic.

Zoox, a startup valued at more than $1.5 billion, is working on designing a robot taxi that takes the entire riding experience into consideration, co-founder Timothy Kentley-Klay said last year.

Although he didn’t go into details on the so-called mobility service’s features, Mr. Kentley-Klay said that such a vehicle would be “smart enough to understand its environment, but importantly, it’s also smart enough to understand you, where you need to be, what you want to do in the vehicle and how you want to move around the city.”

Previous Transportation Coverage

Existing industries may change to support an autonomous, shared future. For instance, the alcohol industry might see a rise in drinks consumed weekly with customers not having to worry about driving home, says a Morgan Stanley report by analyst Adam Jonas. He estimates the $1.5 trillion annual market might expand by $250 billion due to autonomous vehicles.

One industry that knows cars very well—dealerships—may also adjust to fit the changing times: Managing autonomous car fleets may be a new line of business. Toyota’s Mr. Ballinger noted that auto makers’ finance arms largely finance local franchise dealers’ inventories, called floor plans.

“It may be a variation of that model where we continue to finance the floor plan, only the floor plan now isn’t an inventory of cars ready for sale but an inventory of cars going around providing services—maintained and managed by the dealer or somebody like the dealer,” Mr. Ballinger says.

For all the speculation about big changes on the way, and plans to meet those changes, it’s important to remember that drivers may want to hang onto some form of ownership even if others are more convenient and cost-effective.

Mr. Cohen, after spending about two years renting out his Model S on Turo, has begun to wind down that effort.

“At almost exactly the second anniversary of that note, I paid off my Tesla,” he says. He’s keeping an eye on Tesla’s ambitions for renting out autonomous vehicles, though he is dubious about giving up the thrill of driving. “For me, autonomous driving is not something I am looking forward to,” he said, “but I can tell you that my 25-year-old son and recent UVA Law School graduate certainly is.”

Mr. Higgins is reporter for The Wall Street Journal in San Francisco. He can be reached at [email protected]

Conventional wisdom says one reason so many hackers seem to hail from Russia and parts of the former Soviet Union is that these countries have traditionally placed a much greater emphasis than educational institutions in the West on teaching information technology in middle and high schools, and yet they lack a Silicon Valley-like pipeline to help talented IT experts channel their skills into high-paying jobs. This post explores the first part of that assumption by examining a breadth of open-source data.

The supply side of that conventional wisdom seems to be supported by an analysis of educational data from both the U.S. and Russia, which indicates there are several stark and important differences between how American students are taught and tested on IT subjects versus their counterparts in Eastern Europe.

Compared to the United States there are quite a few more high school students in Russia who choose to specialize in information technology subjects. One way to measure this is to look at the number of high school students in the two countries who opt to take the advanced placement exam for computer science.

According to an analysis (PDF) by The College Board, in the ten years between 2005 and 2016 a total of 270,000 high school students in the United States opted to take the national exam in computer science (the “Computer Science Advanced Placement” exam).

Compare that to the numbers from Russia: A 2014 study (PDF) on computer science (called “Informatics” in Russia) by the Perm State National Research University found that roughly 60,000 Russian students register each year to take their nation’s equivalent to the AP exam — known as the “Unified National Examination.” Extrapolating that annual 60,000 number over ten years suggests that more than twice as many people in Russia — 600,000 — have taken the computer science exam at the high school level over the past decade.

In “A National Talent Strategy,” an in-depth analysis from Microsoft Corp. on the outlook for information technology careers, the authors warn that despite its critical and growing importance computer science is taught in only a small minority of U.S. schools. The Microsoft study notes that although there currently are just over 42,000 high schools in the United States, only 2,100 of them were certified to teach the AP computer science course in 2011.

A HEAD START

If more people in Russia than in America decide to take the computer science exam in secondary school, it may be because Russian students are required to study the subject beginning at a much younger age. Russia’s Federal Educational Standards (FES) mandate that informatics be compulsory in middle school, with any school free to choose to include it in their high school curriculum at a basic or advanced level.

“In elementary school, elements of Informatics are taught within the core subjects ‘Mathematics’ and ‘Technology,” the Perm University research paper notes. “Furthermore, each elementary school has the right to make [the] subject “Informatics” part of its curriculum.”

The core components of the FES informatics curriculum for Russian middle schools are the following:

SECONDARY SCHOOL

There also are stark differences in how computer science/informatics is taught in the two countries, as well as the level of mastery that exam-takers are expected to demonstrate in their respective exams.

Again, drawing from the Perm study on the objectives in Russia’s informatics exam, here’s a rundown of what that exam seeks to test:

Part 1 is a multiple-choice test with four given options, and it covers all the blocks. Relatively little time is set aside to complete this part.

Part 2 contains a set of tasks of basic, intermediate and advanced levels of complexity. These require brief answers such as a number or a sequence of characteristics.

Part 3 contains a set of tasks of an even higher level of complexity than advanced. These tasks usually involve writing a detailed answer in free form.

According to the Perm study, “in 2012, part 1 contained 13 tasks; Part 2, 15 tasks; and Part 3, 4 tasks. The examination covers the key topics from the Informatics school syllabus. The tasks with detailed answers are the most labor intensive. These include tasks on the analysis of algorithms, drawing up computer programs, among other types. The answers are checked by the experts of regional examination boards based on standard assessment criteria.”

ADMIRING THE PROBLEM

How do these two tests compare? Alan Paller, director of research for the SANS Institute — an information security education and training organization — says topics 2, 3, 4 and 6 in the Russian informatics curriculum above are the “basics” on which cybersecurity skills can be built, and they are present beginning in middle school for all Russian students.

“Very few middle schools teach this in the United States,” Paller said. “We don’t teach these topics in general and we definitely don’t test them. The Russians do and they’ve been doing this for the past 30 years. Which country will produce the most skilled cybersecurity people?”

Paller said the Russian curriculum virtually ensures kids have far more hands-on experience with computer programming and problem solving. For example, in the American AP test no programming language is specified and the learning objectives are:

“How are programs developed to help people and organizations?”“How are programs used for creative expression?”“How do computer programs implement algorithms?”“How does abstraction make the development of computer programs possible?”“How do people develop and test computer programs?”“Which mathematical and logical concepts are fundamental to programming?”

“Notice there is almost no need to learn to program — I think they have to write one program (in collaboration with other students),” Paller wrote in an email to KrebsOnSecurity. “It’s like they’re teaching kids to admire it without learning to do it. The main reason that cyber education fails is that much of the time the students come out of school with almost no usable skills.”

THE WAY FORWARD

On the bright side, there are signs that computer science is becoming a more popular focus for U.S. high school students. According to the latest AP Test report (PDF) from the College Board, almost 58,000 Americans took the AP exam in computer science last year — up from 49,000 in 2015.

However, computer science still is far less popular than most other AP test subjects in the United States. More than a half million students opted for the English AP exam in 2016; 405,000 took English literature; almost 283,000 took AP government, while some 159,000 students went for an AP test called “Human Geography.”

This is not particularly good news given the dearth of qualified cybersecurity professionals available to employers. ISACA, a non-profit information security advocacy group, estimates there will be a global shortage of two million cyber security professionals by 2019. A report from Frost & Sullivan and (ISC)2 prognosticates there will be more than 1.5 million cybersecurity jobs unfilled by 2020.

The IT recruitment problem is especially acute for companies in the United States. Unable to find enough qualified cybersecurity professionals to hire here in the U.S., companies increasingly are counting on hiring foreigners who have the skills they’re seeking. However, the Trump administration in April ordered a full review of the country’s high-skilled immigration visa program, a step that many believe could produce new rules to clamp down on companies that hire foreigners instead of Americans.

Some of Silicon Valley’s biggest players are urging policymakers to adopt a more forward-looking strategy to solving the skills gap crisis domestically. In its National Talent Strategy report (PDF), Microsoft said it spends 83 percent of its worldwide R&D budget in the United States.

“But companies across our industry cannot continue to focus R&D jobs in this country if we cannot fill them here,” reads the Microsoft report. “Unless the situation changes, there is a growing probability that unfilled jobs will migrate over time to countries that graduate larger numbers of individuals with the STEM backgrounds that the global economy so clearly needs.”

Microsoft is urging U.S. policymakers to adopt a nationwide program to strengthen K-12 STEM education by recruiting and training more teachers to teach it. The software giant also says states should be given more funding to broaden access to computer science in high school, and that computer science learning needs to start much earlier for U.S. students.

“In the short-term this represents an unrealized opportunity for American job growth,” Microsoft warned. “In the longer term this may spur the development of economic competition in a field that the United States pioneered.”

This entry was posted on Thursday, June 22nd, 2017 at 10:29 amand is filed under Other.You can follow any comments to this entry through the RSS 2.0 feed.You can skip to the end and leave a comment. Pinging is currently not allowed.

NEWARK — There have been times over the last two months when Golan Ben-Oni has felt like a voice in the wilderness.

On April 29, someone hit his employer, IDT Corporation, with two cyberweapons that had been stolen from the National Security Agency. Mr. Ben-Oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.

In 22 years of dealing with hackers of every sort, he had never seen anything like it. Who was behind it? How did they evade all of his defenses? How many others had been attacked but did not know it?

Since then, Mr. Ben-Oni has been sounding alarm bells, calling anyone who will listen at the White House, the Federal Bureau of Investigation, the New Jersey attorney general’s office and the top cybersecurity companies in the country to warn them about an attack that may still be invisibly striking victims undetected around the world.

“I don’t pursue every attacker, just the ones that piss me off,” Mr. Ben-Oni told me recently over lentils in his office, which was strewn with empty Red Bull cans. “This pissed me off and, more importantly, it pissed my wife off, which is the real litmus test.”

Two weeks after IDT was hit, the cyberattack known as WannaCry ravaged computers at hospitals in England, universities in China, rail systems in Germany, even auto plants in Japan. No doubt it was destructive. But what Mr. Ben-Oni had witnessed was much worse, and with all eyes on the WannaCry destruction, few seemed to be paying attention to the attack on IDT’s systems — and most likely others around the world.

The strike on IDT, a conglomerate with headquarters in a nondescript gray building here with views of the Manhattan skyline 15 miles away, was similar to WannaCry in one way: Hackers locked up IDT data and demanded a ransom to unlock it.

But the ransom demand was just a smoke screen for a far more invasive attack that stole employee credentials. With those credentials in hand, hackers could have run free through the company’s computer network, taking confidential information or destroying machines.

Worse, the assault, which has never been reported before, was not spotted by some of the nation’s leading cybersecurity products, the top security engineers at its biggest tech companies, government intelligence analysts or the F.B.I., which remains consumed with the WannaCry attack.

Were it not for a digital black box that recorded everything on IDT’s network, along with Mr. Ben-Oni’s tenacity, the attack might have gone unnoticed.

Scans for the two hacking tools used against IDT indicate that the company is not alone. In fact, tens of thousands of computer systems all over the world have been “backdoored” by the same N.S.A. weapons. Mr. Ben-Oni and other security researchers worry that many of those other infected computers are connected to transportation networks, hospitals, water treatment plants and other utilities.

An attack on those systems, they warn, could put lives at risk. And Mr. Ben-Oni, fortified with adrenaline, Red Bull and the house beats of Deadmau5, the Canadian record producer, said he would not stop until the attacks had been shut down and those responsible were behind bars.

“The world is burning about WannaCry, but this is a nuclear bomb compared to WannaCry,” Mr. Ben-Oni said. “This is different. It’s a lot worse. It steals credentials. You can’t catch it, and it’s happening right under our noses.”

Targeting the Nerve Center

Mr. Ben-Oni, 43, a Hasidic Jew, is a slight man with smiling eyes, a thick beard and a hacker’s penchant for mischief. He grew up in the hills of Berkeley, Calif., the son of Israeli immigrants.

Even as a toddler, Mr. Ben-Oni’s mother said, he was not interested in toys. She had to take him to the local junkyard to scour for typewriters that he would eventually dismantle on the living room floor. As a teenager, he aspired to become a rabbi but spent most of his free time hacking computers at the University of California, Berkeley, where his exploits once accidentally took down Belgium’s entire phone system for 15 minutes.

To his parents’ horror, he dropped out of college to pursue his love of hacking full time, starting a security company to help the city of Berkeley and two nearby communities, Alameda and Novato, set up secure computer networks.

He had a knack for the technical work, but not the marketing, and found it difficult to get new clients. So at age 19, he crossed the country and took a job at IDT, back when the company was a low-profile long-distance service provider.

As IDT started acquiring and spinning off an eclectic list of ventures, Mr. Ben-Oni found himself responsible for securing shale oil projects in Mongolia and the Golan Heights, a “Star Trek” comic books company, a project to cure cancer, a yeshiva university that trains underprivileged students in cybersecurity, and a small mobile company that Verizon recently acquired for $3.1 billion.

Which is to say he has encountered hundreds of thousands of hackers of every stripe, motivation and skill level. He eventually started a security business, IOSecurity, under IDT, to share some of the technical tools he had developed to keep IDT’s many businesses secure. By Mr. Ben-Oni’s estimate, IDT experiences hundreds of attacks a day on its businesses, but perhaps only four each year give him pause.

Nothing compared to the attack that struck in April. Like the WannaCry attack in May, the assault on IDT relied on cyberweapons developed by the N.S.A. that were leaked online in April by a mysterious group of hackers calling themselves the Shadow Brokers — alternately believed to be Russia-backed cybercriminals, an N.S.A. mole, or both.

The WannaCry attack — which the N.S.A. and security researchers have tiedto North Korea — employed one N.S.A. cyberweapon; the IDT assault used two.

Both WannaCry and the IDT attack used a hacking tool the agency had code-named EternalBlue. The tool took advantage of unpatched Microsoft servers to automatically spread malware from one server to another, so that within 24 hours North Korea’s hackers had spread their ransomware to more than 200,000 servers around the globe.

The attack on IDT went a step further with another stolen N.S.A. cyberweapon, called DoublePulsar. The N.S.A. used DoublePulsar to penetrate computer systems without tripping security alarms. It allowed N.S.A. spies to inject their tools into the nerve center of a target’s computer system, called the kernel, which manages communications between a computer’s hardware and its software.

In the pecking order of a computer system, the kernel is at the very top, allowing anyone with secret access to it to take full control of a machine. It is also a dangerous blind spot for most security software, allowing attackers to do what they want and go unnoticed. In IDT’s case, attackers used DoublePulsar to steal an IDT contractor’s credentials. Then they deployed ransomware in what appears to be a cover for their real motive: broader access to IDT’s businesses.

Photo

Mr. Ben-Oni learned of the attack only when a contractor, working from home, switched on her computer to find that all her data had been encrypted and that attackers were demanding a ransom to unlock it. He might have assumed that this was a simple case of ransomware.

But the attack struck Mr. Ben-Oni as unique. For one thing, it was timed perfectly to the Sabbath. Attackers entered IDT’s network at 6 p.m. on Saturday on the dot, two and a half hours before the Sabbath would end and when most of IDT’s employees — 40 percent of whom identify as Orthodox Jews — would be off the clock. For another, the attackers compromised the contractor’s computer through her home modem — strange.

The black box of sorts, a network recording device made by the Israeli security company Secdo, shows that the ransomware was installed after the attackers had made off with the contractor’s credentials. And they managed to bypass every major security detection mechanism along the way. Finally, before they left, they encrypted her computer with ransomware, demanding $130 to unlock it, to cover up the more invasive attack on her computer.

Thank you for subscribing.

An error has occurred. Please try again later.

You are already subscribed to this email.

Mr. Ben-Oni estimates that he has spoken to 107 security experts and researchers about the attack, including the chief executives of nearly every major security company and the heads of threat intelligence at Google, Microsoft and Amazon.

With the exception of Amazon, which found that some of its customers’ computers had been scanned by the same computer that hit IDT, no one had seen any trace of the attack before Mr. Ben-Oni notified them. The New York Times confirmed Mr. Ben-Oni’s account via written summaries provided by Palo Alto Networks, Intel’s McAfee and other security firms he used and asked to investigate the attack.

“I started to get the sense that we were the canary,” he said. “But we recorded it.”

Since IDT was hit, Mr. Ben-Oni has contacted everyone in his Rolodex to warn them of an attack that could still be worming its way, undetected, through victims’ systems.

“Time is burning,” Mr. Ben-Oni said. “Understand, this is really a war — with offense on one side, and institutions, organizations and schools on the other, defending against an unknown adversary.”

‘No One Is Running Point’

Since the Shadow Brokers leaked dozens of coveted attack tools in April, hospitals, schools, cities, police departments and companies around the world have largely been left to fend for themselves against weapons developed by the world’s most sophisticated attacker: the N.S.A.

A month earlier, Microsoft had issued a software patch to defend against the N.S.A. hacking tools — suggesting that the agency tipped the company off to what was coming. Microsoft regularly credits those who point out vulnerabilities in its products, but in this case the company made no mention of the tipster. Later, when the WannaCry attack hit hundreds of thousands of Microsoft customers, Microsoft’s president, Brad Smith, slammed the government in a blog post for hoarding and stockpiling security vulnerabilities.

For his part, Mr. Ben-Oni said he had rolled out Microsoft’s patches as soon as they became available, but attackers still managed to get in through the IDT contractor’s home modem.

Six years ago, Mr. Ben-Oni had a chance meeting with an N.S.A. employee at a conference and asked him how to defend against modern-day cyberthreats. The N.S.A. employee advised him to “run three of everything”: three firewalls, three antivirus solutions, three intrusion detection systems. And so he did.

But in this case, modern-day detection systems created by Cylance, McAfee and Microsoft and patching systems by Tanium did not catch the attack on IDT. Nor did any of the 128 publicly available threat intelligence feeds that IDT subscribes to. Even the 10 threat intelligence feeds that his organization spends a half-million dollars on annually for urgent information failed to report it. He has since threatened to return their products.

“Our industry likes to work on known problems,” Mr. Ben-Oni said. “This is an unknown problem. We’re not ready for this.”

No one he has spoken to knows whether they have been hit, but just this month, restaurants across the United States reported being hit with similar attacks that were undetected by antivirus systems. There are now YouTube videos showing criminals how to attack systems using the very same N.S.A. tools used against IDT, and Metasploit, an automated hacking tool, now allows anyone to carry out these attacks with the click of a button.

Last month, he personally briefed the F.B.I. analyst in charge of investigating the WannaCry attack. He was told that the agency had been specifically tasked with WannaCry, and that even though the attack on his company was more invasive and sophisticated, it was still technically something else, and therefore the F.B.I. could not take on his case.

The F.B.I. did not respond to requests for comment.

So Mr. Ben-Oni has largely pursued the case himself. His team at IDT was able to trace part of the attack to a personal Android phone in Russia and has been feeding its findings to Europol, the European law enforcement agency based in The Hague.

The chances that IDT was the only victim of this attack are slim. Sean Dillon, a senior analyst at RiskSense, a New Mexico security company, was among the first security researchers to scan the internet for the N.S.A.’s DoublePulsar tool. He found tens of thousands of host computers are infected with the tool, which attackers can use at will.

“Once DoublePulsar is on the machine, there’s nothing stopping anyone else from coming along and using the back door,” Mr. Dillon said.

More distressing, Mr. Dillon tested all the major antivirus products against the DoublePulsar infection and a demoralizing 99 percent failed to detect it.

“We’ve seen the same computers infected with DoublePulsar for two months and there is no telling how much malware is on those systems,” Mr. Dillon said. “Right now we have no idea what’s gotten into these organizations.”

In the worst case, Mr. Dillon said, attackers could use those back doors to unleash destructive malware into critical infrastructure, tying up rail systems, shutting down hospitals or even paralyzing electrical utilities.

Could that attack be coming? The Shadow Brokers resurfaced last month, promising a fresh load of N.S.A. attack tools, even offering to supply them for monthly paying subscribers — like a wine-of-the-month club for cyberweapon enthusiasts.

In a hint that the industry is taking the group’s threats seriously, Microsoft issued a new set of patches to defend against such attacks. The company noted in an ominously worded message that the patches were critical, citing an “elevated risk for destructive cyberattacks.”

Mr. Ben-Oni is convinced that IDT is not the only victim, and that these tools can and will be used to do far worse.

“I look at this as a life-or-death situation,” he said. “Today it’s us, but tomorrow it might be someone else.”

Introduction | How to Hire an SEO for Your Real Estate Website

Your website may be beautiful, but if it’s not generating and capturing leads, it’s not functional. In fact, you may be downright invisible to prospects. It may be time to hire an SEO, a Search Engine Optimizer, who can give your website a much needed boost in visibility.

We’re living in a digital world. With so much content available online, the internet is the first place we go if we want to do research, find an answer to a question or make a purchase – even if that purchase is buying a house.

While a new homebuyer isn’t about to do the entire purchasing transaction online, they are likely to start searching the web for listings in their area and price range. This means by the time they connect with a real estate agent, they’ve already considered what they can afford, what they’d like to purchase and what homes they want to take a look at.

But that isn’t all. They also know which real estate agents they’d like to work with – before even making a phone call or talking to you in person. They’re using the information they’ve gathered online to make a decision.

If you’re not accessible or visible online, you’ll have a harder time being part of the running.

Understanding Search Engine Optimization

SEO, or Search Engine Optimization, is a digital marketing tactic that allows you to improve your search engine ranking.

By working with the algorithm that determines where each page falls on the search engine results list, you can boost your website so it reaches the first page of the results. The higher your ranking, the more likely you are to get selected by a searcher.

SERP stands for Search Engine Results Page. Your goal is to appear on page one when a user types in a query that matches your products or services.

SEO strategies work by looking at a search engine algorithm and working backward to fit the algorithm’s needs. To create an SEO strategy, consider the various things a search engine is looking for when it decides how to rank relevant pages. Then, make sure your website aligns. While this may sound simple, search engines are constantly changing their algorithms, making it difficult for non-experts to keep up.

When homebuyers are looking for valuable information online before ever picking up the phone, you want to make sure your content is reaching their eyes before they make a decision on which real estate agent to work with. The right SEO strategy can help you do this.

While you may be an expert at selling houses, the same strategies don’t apply to digital marketing.

Before You Hire an SEO, Have Realistic Expectations of What an SEO Can Do

Hiring an SEO isn’t enough to bring your website to the front page of a search. Getting to the top means you need to have a strong online presence all around. This includes content creation, website design, and even social media.

The right SEO should be able to provide insights and guidance on what you can do overall to improve your website and user experience.

Hold a Two-Way Interview

When you’re hiring an SEO to work on your real estate website, you’re not hiring an employee – you’re hiring a professional service provider. This means that the ball is not entirely in your court. Both you and the SEO need to agree you’re a good fit for one another.

By holding a two-way interview, both you and the SEO can get a good idea of how you’d work together. Both parties should be prepared to ask and answer questions, including the basics about budget, timeframe, and goals. You’ll also want to get into more in-depth questions and ask for references, examples of past work, and what benefit they can bring to your business. Ask what experience they have working with real estate websites specifically.

Prepare with answers of your own. Know what you hope to accomplish with an SEO strategy, what your expectations for the partnership are, and what direction you’re hoping to go in. Have an idea of what your budget is, what work you’d like to have done, and what kind of returns you’re hoping to see. Be prepared to sell yourself to the SEO just as much as they need to sell their services to you.

Bid for a Website Audit

If an SEO candidate has made it through the two-way interview, you’re ready to move on to the audit portion. Because an audit of your website requires extensive time and research, be prepared to pay a fee for an SEO to complete this step. However, the information will be crucial for moving forward in your SEO strategy creation.

By looking through your Google Analytics and search factors, an SEO can determine the main issues with your website and what areas can be improved. They can then use this information to make suggestions on what they would do if you were to hire them for the project.

Be sure that their audit report includes issues, suggested improvements, the cost for the service, how solving this issue will improve your business, and what they will do if the first plan of attack doesn’t work. By getting a complete guide from your SEO, you can ensure they’re prepared and fully understand what they’re doing.

Request an Accurate Timeline

Results from an SEO will not be immediate, but that doesn’t mean they’re not working. In fact, organic SEO results take time to manifest. Depending on the work you’ve already done, your level of competition, and where your site was originally ranking, it could take up to a year to really see results from your SEO strategy. However, many websites see an improvement in just a few months.

Don’t set both yourself and your SEO up for failure by asking for immediate results. Rushing, implementing practices meant to “trick” the algorithm, or creating unrealistic goals for your strategy will only waste your time and money.

When talking with an SEO you’re considering hiring, ask them to provide you with a realistic timeline for the work they will be doing. This timeline should also consider the amount of time it will take to create content, update the design of the website, and add keywords and descriptions to past pages and posts.

Seek out Articles and Videos to Support Suggestions

The thought of potentially waiting a year to see results from your SEO strategy is intimidating for many, but laying a solid foundation means you’ll need to make fewer changes in the future. But it also means you may not know for months that something is off or that a keyword isn’t as strong as you thought.

To help ensure you’re moving in the right direction, seek out articles, guides, or other materials that explain basic search engine strategies. Educate yourself on what’s standard practice in SEO. The goal is not necessarily to learn the intricate details, but to be wise enough gauge your expectations.

Even if you don’t know the first thing about SEO, don’t allow yourself to be fooled by someone only pretending to know what they’re doing.

Avoid Professionals Who Make Guarantees

We like to have guarantees that we’ll get what we want when we make a purchase. But just like you can’t guarantee you’ll find a client’s dream home within their budget in the perfect location, an SEO can’t guarantee you the prime real estate of the number-one ranking on Google. If an SEO is guaranteeing you a top slot, this can be a major red flag.

Because search engine results pages are controlled by an algorithm, there is really no way to determine exactly which page will make it to the top. While SEOs are experts in nudging the algorithm to get it to place pages in higher slots, even the best SEO available can’t guarantee it will get your link to the top.

If an SEO is guaranteeing things they can’t promise, they’re probably lying elsewhere. Rather than taking the risk and wondering what else they may be trying to hide from you, find an SEO with more trustworthy tactics.

Discuss the Communication Process

Few things are more annoying than hiring someone to do a job and then never being able to get in contact with them. Before you pay an SEO any money, talk to them about your expectations for communication and project approval. Make sure you know their expectations as well.

Don’t be afraid to get picky about how you communicate with your SEO. As a busy person always on the go, you need someone who can fit within your lifestyle. If you want someone you can text between meetings with a question or someone who isn’t afraid to call your cell phone, be sure your SEO knows this.

Also be sure to talk about an update schedule. Because most of what your SEO is doing day-to-day won’t intertwine with what you’re doing day-to-day, you may go weeks without ever speaking to your SEO. Be sure to set up an update schedule so you and your SEO know when to get in touch to talk progress.

Get Payment Details and Create a Contract

The final step of the hiring process is payment. Once you’ve selected the SEO you believe can help your real estate website and decided on the appropriate measures to take, take some time to discuss the SEO’s payment terms, fees, and invoice schedules.

While you probably got an idea of costs with the audit your SEO performed early in your relationship, now is the time to really hammer out the contract. Outline if you’re paying by project, by the hour, or by a monthly retainer. Include invoice due dates, details related to late payments, and what either party should do if the other end is not holding up their end of the contract.

If your SEO is creating and sending you the contract, be sure to read the details thoroughly. As a legally binding document, you want to know exactly what you’re agreeing to. If anything stands out as being incorrect or something you hadn’t discussed, don’t hesitate to ask them what it means.

What is a B.R.E.W.

Lori’s success at marketing her own real estate business online led to the launch of her digital marketing company, Ballen Brands. Although Lori and her marketing team were knocking it out of the park with things like lead generating, lead nurturing, lead capture, and search engine optimization, she was still struggling with how to create “the perfect” real estate website.

She and her team then invested all of their energies into brainstorming. In Lori’s idea, real estate websites should be imbued from the ground up with search engine optimization, then enhanced with content marketing strategies for organic ranking and lead generation, tools for lead capture, tracking and measuring systems, and more. In short, her goal was to create a website for real estate agents that was functional for business growth.

Conclusion

Search engine optimization is a complicated subject, especially for those not in the marketing world. For real estate agents looking to improve their online ranking and get their website found, using a professional SEO to help you create the right strategy can be career changing – but you want to be sure you’re using an SEO that understands what they’re doing.

Getting the right SEO strategy is an investment that will pay you back many times over. Be sure to follow these eight steps in finding and hiring the right SEO for your real estate website.

It’s the season of giving, and I have another great FREE resource for you today. It’s the “SEO Keyword Bible for Investors”. Thisis an enormously useful resource for investors.

For most people, keywords and how to use them correctly can be very confusing.

Here is the thing you need to know: your biggest source of leads to your website will come from organic traffic. It will come from searchable keyword and phrases. When you have a basic understanding of how keywords work and how to use them on your website, you will generate more traffic which means you will get more leads.

SEO for Real Estate Investors

When you click on the link below to get your free copy of the “SEO Keyword Bible for Investors”, it will take you to a page that has several short videos. Don’t be tempted to skip over the videos.

These videos will explain in great detail how to use this free resource no matter what type of website you have. This information isn’t just for Oncarrot websites so take a little time and dive into those videos. You will find it’s beneficial no matter what type of website you have.

The “SEO Keyword Bible for Investors” will show you the steps to take to get more leads to your website 24/7 . This free checklist has 16 actionable steps for improving SEO on your website.

The Videos

In video #1 you will get a good overview of keywords, what they are and how to use them.

The 3 C’s for Conversion

In video #2, you will find a lot more actionable information Here is just a taste of what you will learn starting with the “3 C’s for Conversion”.

1. Cell phone conversion. You need to pay attention to mobile. Over 21% of the Oncarrot leads came from cell phones. In this video you will also learn you why your conversion rate is higher on mobile. Now that’s interesting.

2.Call to Action Area. This area needs to be visible so it’s easy to for folks to contact you. You also need a very clear benefit statement. People want to quickly be able to identify how you can help them. (Remember that it’s all about them.)

3. Credibility Boosters. In this part of video #2, you will learn “10 things people are looking for on a website to determine if they want to work with you”. You don’t want potential sellers to leave your site based on a bad first impression of your site. One last tip. Don’t forget to add testimonials from satisfied customers.

Using the Training Videos to Help You Get More Leads

In video #1 you will learn how to add keywords and keyword phrases. Using keywords properly will help that organic traffic find your website.

In Video #2, you will learn how to convert more leads. Once you get those valuable leads, how do you convert more of them into sales? You will learn 4 simple ways to get more buyer and seller leads without extra traffic. You would like to know that right? You will learn to focus on lead volume increase before you worry about lead conversion.

Video #3 is a free webinar that you can watch that will go into this process in more depth.

Do You Need a Better Lead Generation Website?

If you don’t have a website or you need a better lead generation website, you can see a demo of the sites I use (and love) right here. Once again …. no obligation. Just check it out.

There is no “one way” you can make a bigger difference in your business in the next 12 months than by making your website better. Trust me on this.

Just Click Here for a Free Demo.One thing I want to point out is there are no contracts involved with Oncarrot websites. I would encourage you to give them a try. You can go month to month with any of their plans. If you decide to prepay for a year you will get a significant discount.

Get Your SEO Keyword Bible for Investors Here

Have you subscribed to the blog? If not be sure to do that today so you don’t miss any of the business building tips I have coming your way. I want this year to be your best year ever! And if you enjoyed this article, please share it.

“Search Engine Optimization” the term alone is scary. Let’s be honest, it sounds like a complicated mathematical process that only “experts” can understand.

SEO specialists are the wizards of digital marketing. They throw complicated words around, talk about legendary search algorithms and technical HTML terms. Truth be told, take away the fancy hat, the cape and the wand and you’ll soon realize, there is nothing magical about it!

In this step by step guide I will show you exactly what you have to do to optimize your search engine ranking and therefore attract more leads to your real estate business.

Google Search Console (previously called Google Webmaster Tools) is your website’s SEO dashboard. It is a free web service that Google provides to help you monitor your indexing status and optimize the visibility of your website.

The first thing you want to do on your quest for SEO greatness is to add and verify your website on Google Search Console. Shortly after doing so, you will receive an e-mail from Google with suggestions to improve your website’s search presence (don’t worry, we’ll go over the important tasks with you).

If you want to know more about Google Search Console, I recommend reading this article on the Moz Blog. Although it was written almost 2 years ago, most of the content is still relevant today and very easy to go through.

2) Add a sitemap.

” A sitemap is a file where you can list the web pages of your site to tell Google and other search engines about the organization of your site content. Search engine web crawlers like Googlebot read this file to more intelligently crawl your site.” –Google

Don’t worry, you are not going to have to create that file yourself. There are two possible options:

If you created your site with a website builder like Weebly or Wix, your sitemap will be generated automatically. All you have to do is add “/sitemap.xml” to your website’s URL.

If this isn’t the case, you can generate one for free with a tool like xml-sitemaps.com.

Next, you have to submit your sitemap on Google Search Console. To do so, simply click on the “Sitemaps” tab under the “Crawl” category.

Click on the “Add/Test Sitemap” button, fill in the blank with the url corresponding to your sitemap and hit submit.

3) Make sure your website is indexed.

Whether you just launched your website, created new pages or made significant changes, you are going to have to request an indexation of all this new content.

On the left hand side of your screen you will find different categories. Select the “Crawl” category and click on the tab “Fetch as Google”.

You will be able to request the indexation of all the pages of your website. Start with the home page. To do so, no need to edit the existing url, simply click on the “fetch” button.

If the status is “Complete” you can request indexing. A window will pop up asking you whether you want Google to crawl only that page, or also crawl all its direct links. I recommend (for the home page at least) choosing the second option. The latter will enable you to index your whole website automatically.

If some of your pages are not directly linked to your home page you will have to index them manually. Once again the process is very straightforward. Add the missing part of the URL, click on fetch, request indexing and choose the option “Crawl only this URL.”

Google will send its robots to crawl your page and fetch all the information. Changes should be accounted for within the next few days.

4) Improve the titles of your pages

The titles of your pages are extremely important for your SEO. I cannot stress that enough. Luckily, on most website builders they are very easy to change.

The first question you have to ask yourself is: “What is the web page about?“. The second one is: “What search query do I want to target?“

Once you’ve answered both, finding the right titles for your pages will be very easy. Let’s go through the process together. For the sake of this article, let’s imagine I am a realtor in Madison, WI.

Let’s start with my listings page

Step 1: What is the web page about?

This page is all about the homes you are selling. You want to make sure that the title reflects the content of the page. Trust me, there is no point in trying to trick Google with title pages that do not match the content of your website. First of all, it will simply not work. Secondly, you will be flagged and your SEO efforts will be useless.

What are people typing in Google when they want to find a new home in Madison or the best realtor in town? You can’t know for sure, but you can make an educated guess.

This is where keyword research comes into play. The aim of the game is to find the keyword that will attract the most qualified visitors to your website. However, you must be careful, you don’t want to aim for keywords that are too general (like “homes for sales” or “real estate”) for two reasons:

It will be impossible to compete for those keywords. Too many websites are already targeting them.

The goal is not to attract as many people as possible on your website. The goal is rather to attract quality leads.

In this example, “Homes for sale in Madison”, seems to be a good fit for our listings page.

Step 3: Check your competitors.

Like in any fight, it’s good to know who you are going up against. I recommend doing a search for the keywords you selected.

In this case, we are going up against large real estate companies like Century 21 or ReMax. But that doesn’t mean it’s impossible to rank on the first page! They are doing a pretty good job, but we can definitely do better!

Step 4: Guidelines for your titles

Before you start writing down ideas for titles, I want you to keep several guidelines in mind:

Don’t make them too long. Ideally you want to keep you title under 60 characters. I personally like to check the length of my titles with this tool

Don’t add too many irregular characters.

Keep it simple and don’t use technical jargon. It has to be easily understandable for your visitors.

Make them catchy!

Step 5: Finding the perfect title.

I came up with an example to show you a title that takes into account everything we previously discussed.

The Best Homes For Sale in Madison, WI | Joe Doe Realty

5) Meta descriptions that convert.

A meta description is a short text (of approximately 160 characters) that provides a concise description about the contents of a web page.

Meta descriptions do not affect the ranking of a specific webpage on a search engine. But, as the title suggests, a good meta description is critical to ensure people click on your link.

Let’s go back to the previous example I used.

As you can see the meta descriptions of these 3 pages are very different. Let me ask you a question: Which link would you click on? The first one right?

The reason is simple: it follows the basic guidelines of a perfect meta description.

It’s not too long (under 160 characters), although I personally recommend trying to aim for 140.

It’s not too short. The meta description has to provide enough information about the page.

It’s engaging. Asking a question is a great way to engage with your audience.

There is a call to action.

It’s not too technical. It’s important to keep it simple.

I’ll finish this section by giving you an example of a perfect structure for your web page.

I hope you will find these tips useful and will be able to use them to rock your SEO! If you have any questions or want to add something to the discussion, make sure to leave a message in the comment section below.

In the second part of this guide we will talk about URLS, on page content, image descriptions and much more…